<?php
// Submits a plan of study for review.

session_start();
if ( ! isset( $_SESSION['studentLoggedIn'] ) ) {
   exit;
}

require_once("db.php");

// Is there data coming in?
if ( isset($_POST['primaryKey'] ) ) {
   
   $primaryKey = $_POST['primaryKey'];
   $xmlData = $_POST['plan'];
   $allowableCourses = $_POST['allowable'];
   
   $sql = "
      UPDATE gs_plans
      SET xml='$xmlData',
         allowable='$allowableCourses', 
         is_submitted=1,
         is_reviewed=0
      WHERE student_id='$primaryKey'
   ";
     
   my_mysql_query($sql);
   
   $sql = "
      SELECT
         sid,
         `lastname`, 
         `firstname`, 
         `email`
      FROM `gs_students` 
      WHERE id=$primaryKey
   ";
   
   $result = my_mysql_query($sql);
   $student = mysql_fetch_assoc($result);
   
   $message = "A plan of study was submitted by {$student['firstname']} {$student['lastname']} ({$student['sid']})\n\nThe student can be contacted at {$student['email']}.";
      
   mail("gradstudies@cis.gvsu.edu",
        "GradStudies: Plan of Study Submitted",
        $message,
        "From: gradstudies@cis.gvsu.edu"
   );

   echo "<answer>ok</answer>";
}
?>